This text was created in partnership with Cowbell.
As cyber threats develop in frequency and complexity, companies are going through mounting stress to ramp up their defenses. In accordance with Cowbell’s Cyber Roundup: Claims Report 2025, organizations are seeing a continued international rise in cyberattacks, each in quantity and class, largely pushed by AI-enhanced campaigns.
What’s extra, industry-wide knowledge from the 2024 NAIC Cyber Insurance coverage Report revealed there’s been a document 33,561 reported cyber insurance coverage claims of late, indicating a gentle enhance in claims frequency. Regardless of this, Cowbell’s inside claims knowledge paints a nuanced image: whereas normal incident frequency has risen, ransomware claims have remained secure, constantly comprising 17–19% of all Cowbell claims between 2022 and 2024.
Talking to Insurance coverage Enterprise, Trent Cooksley, co-founder and chief working officer of Cowbell, revealed that within the face of this rising concern appearing preventatively relatively than curatively is essential.
“Frequency is growing throughout the board,” Cooksley agreed. “[As such], employers must be fascinated with the downtime that they may expertise in the event that they expertise an assault. Longer occasions, which means you may have enterprise interruption, are among the greater issues that we’re seeing come into the market, in addition to lawsuits and sophistication actions – particularly within the US.
“Each group, no matter measurement, can undertake low and even no-budget protections that may dramatically scale back threat. Multi-Issue Authentication (MFA) – we speak about that on a regular basis and it’s wonderful how folks nonetheless do not leverage it and even worse, utilizing it however not configuring appropriately. [It’s all about] worker coaching – as a result of, once more, phishing is getting extra complicated to interpret.”
Cyber insurance coverage as a device of resilience
And the information’s there to again Cooksley up. Cowbell’s report discovered that that phishing stays the most typical methodology of assault initiation, typically serving because the entry level for extra extreme incidents similar to enterprise e mail compromise (BEC), funds switch fraud, and ransomware. What’s extra, the FBI reported 193,000 complaints associated to phishing and spoofing in 2024, making these ways probably the most reported cybercrimes within the US.
As Cooksley informed IB, preparation is important right here. The actual measure of success for organizations is having a plan in place earlier than an incident happens – so you are not simply “taking pictures within the air” and appearing reactively.
“Have a response plan. Folks ought to know the way they’ll handle these issues,” Cooksley careworn. “Our crew at Cowbell may also help policyholders with all of this.”
And there’s no scarcity of organized cybercrime teams on the market trying to pry open your knowledge. As per Cowbell’s report, there’s 5 ransomware teams behind almost 48% of incidents with recognized risk actors:
- Akira (17.4%): Identified for double extortion, focusing on mid-sized companies.
- Play (9.2%): Makes use of stealthy assaults with delayed execution, making detection tougher.
- LockBit (7.7%): Operates as a ransomware-as-a-service (RaaS) platform with international attain.
- Fog (7.2%): Exploits unpatched VPNs and e mail programs, indicating opportunistic and technical sophistication.
- RansomHub (6.2%): Focuses on knowledge exfiltration and public leak threats.
With that in thoughts Cooksley, and his crew at Cowbell, believes cyber insurance coverage shouldn’t be considered merely as a post-incident security internet; it is also a real-time device for threat administration.
“A number of small to medium-sized corporations nonetheless do not buy it,” he informed IB. “[But] it’s a vital monetary and operational security internet when an incident does happen. For us, nevertheless, the very best carriers aren’t simply responding to breaches and paying them – we wish to proactively assist policyholders construct their resilience.
“At Cowbell, we do this by way of complimentary or discounted companies similar to [cybersecurity awareness] coaching, darkish internet monitoring, phishing simulations, pen testing, and having incident response hotlines. That’s the funding in cyber insurance coverage – simply as a lot as making a cost when one thing happens.”
Defenses in opposition to supercharged cyber threat
Whereas foundational defenses are vital, Cooksley revealed that extra subtle protections turn out to be important as corporations develop or face elevated threat.
“The following step after that’s extra superior cybersecurity measures,” he mentioned. “So if you happen to’re a company of measurement, that is when you actually need to start out fascinated with the way you’re rising or going through heightened threat and increasing past the fundamentals. That features managed detection and response, endpoint safety, penetration testing so you already know the place your weak factors are. Third-party assessments, vendor and provide chain threat evaluations – are you uncovered to particular distributors the place, if they’ve one thing, how is that going to influence what you are promoting?”
Cowbell’s report actually agrees, with their researchers highlighting that this struggle in opposition to cybercrime requires a complete organizational shift. Right here, the report factors to a 4 step method;
- Strengthening incident response capabilities by way of expert negotiation and fast motion.
- Prioritizing cyber hygiene and patch administration to defend in opposition to more and more focused assaults.
- Enhancing partnerships between companies and cyber insurers, making certain assist by way of each prevention and restoration phases.
- Investing in proactive instruments and threat monitoring, similar to Cowbell Components, to scale back publicity and enhance claims outcomes.
SMEs: The missed goal
All too typically, in the case of organizations investing in cyber insurance coverage, smaller corporations are inclined to have a misplaced sense of safety. As a result of the media tends to solely print headlines round international cyberattacks, ransomware heists that price companies tens of millions, SMEs suppose ‘it can by no means occur to them’ – however how incorrect they’re.
“They most likely have extra gaps than they’re conscious of,” added Cooksley. “And plenty of risk actors, whereas they’d relatively go after giant fish, aren’t at all times particularly focusing on that. They’re taking a shotgun method – consider it as strolling down the road and burgling whoever’s door is unlocked.”
It’s this false sense of confidence that’s leaving SMEs ripe for the choosing. Knowledge collated by Astra discovered that small companies account for 43% of cyberattacks yearly, costing SMEs a median of $25,000 every. What’s extra, simply 14% of SMEs impacted had been truly ready to face such an assault – and cash is simply a part of the loss.
“In case you’re small, it’s possible you’ll not have the resiliency to proceed transferring on,” added Cooksley. “Are you able to proceed working if you happen to’re hit with ransomware? I might argue that there is many who can’t. A misplaced shopper for a small enterprise is rather more impactful than misplaced purchasers in actually giant organizations – they’ll stand up to that a bit of bit extra. There’s additionally a further expense to really get to the restoration as a result of you do not have the capabilities in-house to do it. [Here], insurance coverage may also help bridge the hole offering safety in addition to offering the vital sources to get better rapidly after an assault.”
‘Cops and robbers’
As these assault turn out to be extra superior so too should the defenses – cyber insurance coverage should evolve in lockstep. And Cooksley affirmed that it’s.
“That is the age-old cops and robbers,” he informed IB. “If the unhealthy guys are going to develop extra sophistication, the great guys are going to proceed to struggle again and even be forward in plenty of instances. [Here], extra organizations are leveraging AI to streamline processes, enhance velocity and accuracy and supply proactive instruments to watch these threats.”
And for Cooksley, he was fast to emphasise the worth of cyber insurers’ ecosystem-wide view.
“We’re seeing the developments of the risk actors in actual time,” he mentioned. “I find out about explicit issues which can be occurring within the ecosystem that we haven’t needed to cope with ourselves but -but I see that as a result of our companions have. What Cowbell was premised on was steady monitoring. You need to frequently be updated on the brand new exposures which can be occurring and the brand new threats which can be occurring.
“Our platform was constructed to absorb real-time data and never have or not it’s in your commonplace insurance coverage cycle that’s usually at all times wanting into the previous. At Cowbell, we’re making an attempt to look into the longer term.”
